#![allow(non_snake_case)]

/*
    Multi-party ECDSA

    Copyright 2018 by Kzen Networks

    This file is part of Multi-party ECDSA library
    (https://github.com/KZen-networks/multi-party-ecdsa)

    Multi-party ECDSA is free software: you can redistribute
    it and/or modify it under the terms of the GNU General Public
    License as published by the Free Software Foundation, either
    version 3 of the License, or (at your option) any later version.

    @license GPL-3.0+ <https://github.com/KZen-networks/multi-party-ecdsa/blob/master/LICENSE>
*/

// protocols::multi_party_ecdsa::

use crate::gg_2018::party_i::{
    verify, KeyGenBroadcastMessage1, KeyGenDecommitMessage1, Keys, LocalSignature, Parameters,
    PartyPrivate, Phase5ADecom1, Phase5Com1, SharedKeys, SignKeys,
};
use crate::mta::{MessageA, MessageB};
use serde_json::{Value, from_str,to_writer};
use anyhow::{Result};
use curv::arithmetic::traits::Converter;
use curv::cryptographic_primitives::hashing::{Digest, DigestExt};
use curv::cryptographic_primitives::proofs::sigma_dlog::DLogProof;
use curv::cryptographic_primitives::secret_sharing::feldman_vss::VerifiableSS;
use curv::elliptic::curves::{secp256_k1::Secp256k1, Point, Scalar};
use paillier::*;
use sha2::Sha256;

use tokio::fs::{File, OpenOptions};
use std::io::{self, Read, Write};

use std::time::{Instant, Duration};
use std::net::{TcpStream, TcpListener};
use serde_json::{to_vec, from_slice, from_value};
use std::{any, thread};
use tokio::runtime::Runtime;
use tokio::time::sleep;
use std::error::Error;
use super::party_i::{SignBroadcastPhase1, SignDecommitPhase1};
// #[cfg(test)]
use serde::{Serialize, Deserialize};
use std::fs;
use tokio::io::{AsyncWriteExt, AsyncReadExt};
use anyhow::{Context};
use tokio::sync::oneshot;


use std::path::Path;
use tokio::sync::Mutex;
use std::sync::Arc;

use std::io::BufWriter;
use std::fs::File as StdFile;
use curv::cryptographic_primitives::commitments::hash_commitment::HashCommitment;
// const N: &str = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141";


const FILE_PATH: &str = "src/key_data.json";

#[derive(Serialize, Deserialize, Debug)]
struct KeyData {
    party_keys_vec: Vec<Keys>,
    shared_keys_vec: Vec<SharedKeys>,
    pk_vec: Vec<Point<Secp256k1>>,
    y: Point<Secp256k1>,
    vss_scheme: VerifiableSS<Secp256k1, Sha256>,
    private_vec: Vec<PartyPrivate>,
    sign_keys_vec: Vec<SignKeys>,
}

// 保存数据到文件
fn save_key_data(data: &KeyData) -> Result<(), anyhow::Error> {
    let json = serde_json::to_string_pretty(data)?;
    fs::write(FILE_PATH, json)?;
    Ok(())
}

// 从文件加载数据
// fn load_key_data() -> Result<KeyData, anyhow::Error> {
//     let json = fs::read_to_string(FILE_PATH)?;
//     let data: KeyData = serde_json::from_str(&json)?;
//     Ok(data)
// }

fn load_key_data() -> Result<KeyData, anyhow::Error> {
    use std::env;

    let exe_path = env::current_exe()?; // exe 路径：target/release/my_project.exe
    let project_root = exe_path
        .parent() // target/release
        .and_then(|p| p.parent()) // target
        .and_then(|p| p.parent()) // 项目根目录
        .ok_or_else(|| anyhow::anyhow!("无法定位项目根目录"))?;

    let file_path = project_root.join("src").join("key_data.json");
    println!("🔍 正在读取 key_data.json 文件：{}", file_path.display());

    let json = std::fs::read_to_string(&file_path)?;
    let data: KeyData = serde_json::from_str(&json)?;
    Ok(data)
}


// #[test]
pub fn test_keygen_t1_n2() {
    let (party_keys_vec, shared_keys_vec, pk_vec, y_sum, vss_scheme) = keygen_t_n_parties(1, 3);
    
    //打印返回的每个值
    // println!("party_keys_vec: {:?}\n", party_keys_vec);
    // println!("shared_keys_vec: {:?}\n", shared_keys_vec);
    // println!("pk_vec: {:?}\n", pk_vec);
    // println!("y_sum: {:?}\n", y_sum);
    // println!("vss_scheme: {:?}\n", vss_scheme);
}

// #[tokio::test]
pub fn test_sign_n5_t2_tag4() {
    println!("[同步打印] 开始执行签名协议");
    sign(1, 3, 2, vec![0, 1]);
    println!("签名协议执行结束");
    // keyStore();
    // TCP_TS("127.0.0.1","8084").await.unwrap();
}

pub fn keygen_t_n_parties(
    t: u16,
    n: u16,
) -> (
    Vec<Keys>,
    Vec<SharedKeys>,
    Vec<Point<Secp256k1>>,
    Point<Secp256k1>,
    VerifiableSS<Secp256k1, Sha256>,
) {
    let parames = Parameters {
        threshold: t,
        share_count: n,
    };
    let party_keys_vec = (0..n).map(Keys::create).collect::<Vec<Keys>>();

    let (bc1_vec, decom_vec): (Vec<_>, Vec<_>) = party_keys_vec
        .iter()
        .map(|k| k.phase1_broadcast_phase3_proof_of_correct_key())
        .unzip();

    let y_vec = (0..usize::from(n))
        .map(|i| decom_vec[i].y_i.clone())
        .collect::<Vec<Point<Secp256k1>>>();
    let mut y_vec_iter = y_vec.iter();
    let head = y_vec_iter.next().unwrap();
    let tail = y_vec_iter;
    let y_sum = tail.fold(head.clone(), |acc, x| acc + x);

    let mut vss_scheme_vec = Vec::new();
    let mut secret_shares_vec = Vec::new();
    let mut index_vec = Vec::new();

    let vss_result: Vec<_> = party_keys_vec
        .iter()
        .map(|k| {
            k.phase1_verify_com_phase3_verify_correct_key_phase2_distribute(
                &parames, &decom_vec, &bc1_vec,
            )
            .expect("invalid key")
        })
        .collect();

    for (vss_scheme, secret_shares, index) in vss_result {
        vss_scheme_vec.push(vss_scheme);
        secret_shares_vec.push(secret_shares); // cannot unzip
        index_vec.push(index);
    }

    let vss_scheme_for_test = vss_scheme_vec.clone();

    let party_shares = (0..usize::from(n))
        .map(|i| {
            (0..usize::from(n))
                .map(|j| secret_shares_vec[j][i].clone())
                .collect::<Vec<Scalar<Secp256k1>>>()
        })
        .collect::<Vec<Vec<Scalar<Secp256k1>>>>();

    let mut shared_keys_vec = Vec::new();
    let mut dlog_proof_vec: Vec<DLogProof<Secp256k1, Sha256>> = Vec::new(); // 显式声明类型
    for (i, key) in party_keys_vec.iter().enumerate() {
        let (shared_keys, dlog_proof) = key
            .phase2_verify_vss_construct_keypair_phase3_pok_dlog(
                &parames,
                &y_vec,
                &party_shares[i],
                &vss_scheme_vec,
                (&index_vec[i] + 1),
            )
            .expect("invalid vss");
        shared_keys_vec.push(shared_keys);
        dlog_proof_vec.push(dlog_proof);
    }

    // 显式声明 pk_vec 的类型
    let pk_vec = dlog_proof_vec
        .iter()
        .map(|dlog_proof| dlog_proof.pk.clone())  // 访问 pk
        .collect::<Vec<Point<Secp256k1>>>();

    // both parties run:
    Keys::verify_dlog_proofs(&parames, &dlog_proof_vec, &y_vec).expect("bad dlog proof");

    // xi_vec 访问 shared_keys.x_i，确保该字段存在
    let xi_vec = shared_keys_vec
        .iter()
        .take(usize::from(t + 1))
        .map(|shared_keys| shared_keys.x_i.clone())
        .collect::<Vec<Scalar<Secp256k1>>>();

    let x = vss_scheme_for_test[0]
        .clone()
        .reconstruct(&index_vec[0..=usize::from(t)], &xi_vec);
    let sum_u_i = party_keys_vec
        .iter()
        .fold(Scalar::<Secp256k1>::zero(), |acc, x| acc + &x.u_i);
    assert_eq!(x, sum_u_i);

    (
        party_keys_vec,
        shared_keys_vec,
        pk_vec,
        y_sum,
        vss_scheme_for_test[0].clone(),
    )
}

pub fn keyStore()-> Result<(), Box<dyn std::error::Error>> {
    let (mut party_keys_vec, shared_keys_vec, pk_vec, y, vss_scheme) = keygen_t_n_parties(1, 3);

        let private_vec = (0..shared_keys_vec.len())
            .map(|i| PartyPrivate::set_private(party_keys_vec[i].clone(), shared_keys_vec[i].clone()))
            .collect::<Vec<PartyPrivate>>();

        let s = vec![0, 1];
        let sign_keys_vec: Vec<SignKeys> = (0..2)
            .map(|i| SignKeys::create(&private_vec[usize::from(s[i])], &vss_scheme, s[i], &s))
            .collect::<Vec<SignKeys>>();

        let key_data = KeyData {
            party_keys_vec,
            shared_keys_vec,
            pk_vec,
            y,
            vss_scheme,
            private_vec,
            sign_keys_vec,
        };

        // 保存数据到文件
        save_key_data(&key_data)?;
        Ok(())
}

pub fn sign(t: u16, n: u16, ttag: u16, s: Vec<u16>) -> Result<()> {
    // 清空文件，覆盖旧内容
    let mut file = std::fs::File::create("output.txt")?;
    // let file = File::create("D:\\study\\lzx\\SZRMB-main\\SZRMB-main\\usera\\output.json").await.context("Failed to create tcp1.json")?;
    //测试 writeln!(file, "Running sign function with parameters: t={}, n={}, ttag={}, s={:?}", t, n, ttag, s).unwrap();;
    // full key gen emulation
    // let (party_keys_vec, shared_keys_vec, _pk_vec, y, vss_scheme) = keygen_t_n_parties(t, n);

    // 从 key_data 中读取 keys
    let key_data = load_key_data()?;
    let s = vec![0usize, 1usize];
    let mut party_keys_vec = key_data.party_keys_vec;
    let mut shared_keys_vec = key_data.shared_keys_vec;
    let mut _pk_vec = key_data.pk_vec;
    let mut y = key_data.y;
    let mut vss_scheme = key_data.vss_scheme;
    let mut private_vec = key_data.private_vec;
    let mut sign_keys_vec = key_data.sign_keys_vec;

    // 0..shared_keys_vec.len() 0到生成一个从 0 到 shared_keys_vec 长度的整数范围（如 0,1,2...n-1）【n】
    // .map(|i|遍历执行
    // ？？？从PartyPrivate的impl中clone 将其作为 private
    let private_vec = (0..shared_keys_vec.len())
        .map(|i| PartyPrivate::set_private(party_keys_vec[i].clone(), shared_keys_vec[i].clone()))
        .collect::<Vec<PartyPrivate>>();

    // make sure that we have t<t'<n and the group s contains id's for t' parties
    // TODO: make sure s has unique id's and they are all in range 0..n
    // TODO: make sure this code can run when id's are not in ascending order
    // 保证ttag大于t 即参与人数是正确的
    assert!(ttag > t);
    let ttag = ttag as usize;
    assert_eq!(s.len(), ttag);

    // each party creates a signing key. This happens in parallel IRL. In this test we
    // create a vector of signing keys, one for each party.
    // throughout i will index parties
    // signkey在partyi中 由五部分组成 w_i, g_w_i, k_i, gamma_i, g_gamma_i,
    // 拿出来存好
    // let sign_keys_vec = (0..ttag)
    //     .map(|i| SignKeys::create(&private_vec[usize::from(s[i])], &vss_scheme, s[i], &s))
    //     .collect::<Vec<SignKeys>>();

    // each party computes [Ci,Di] = com(g^gamma_i) and broadcast the commitments
    // 在party—i文件中的phase1_broadcast函数中计算了承诺 
    let (bc1_vec, decommit_vec1): (Vec<_>, Vec<_>) =
        sign_keys_vec.iter().map(|k| k.phase1_broadcast()).unzip();
    
    writeln!(file, "phase1-broadcast the commitments: commitment={:?}", bc1_vec[1])?;
    
    // each party i sends encryption of k_i under her Paillier key
    // m_a_vec = [ma_0;ma_1;,...]
    // range proofs are ignored here, as there's no h1, h2, N_tilde setup in this version of GG18
    let m_a_vec: Vec<_> = sign_keys_vec
        .iter()
        .enumerate()
        .map(|(i, k)| MessageA::a(&k.k_i, &party_keys_vec[usize::from(s[i])].ek, &[]).0)
        .collect();

    // each party i sends responses to m_a_vec she received (one response with input gamma_i and one with w_i)
    // m_b_gamma_vec_all is a matrix where column i is a vector of message_b's that party i answers to all ma_{j!=i} using paillier key of party j to answer to ma_j

    // aggregation of the n messages of all parties
    let mut m_b_gamma_vec_all = Vec::new();
    let mut beta_vec_all = Vec::new();
    let mut m_b_w_vec_all = Vec::new();
    let mut ni_vec_all = Vec::new();

    for (i, key) in sign_keys_vec.iter().enumerate() {
        let mut m_b_gamma_vec = Vec::new();
        let mut beta_vec = Vec::new();
        let mut m_b_w_vec = Vec::new();
        let mut ni_vec = Vec::new();

        for j in 0..ttag - 1 {
            let ind = if j < i { j } else { j + 1 };

            let (m_b_gamma, beta_gamma, _, _) = MessageB::b(
                &key.gamma_i,
                &party_keys_vec[usize::from(s[ind])].ek,
                m_a_vec[ind].clone(),
                &[],
            )
            .unwrap();
            let (m_b_w, beta_wi, _, _) = MessageB::b(
                &key.w_i,
                &party_keys_vec[usize::from(s[ind])].ek,
                m_a_vec[ind].clone(),
                &[],
            )
            .unwrap();

            // println!("beta_wi:{:?}",&beta_wi);
            m_b_gamma_vec.push(m_b_gamma);
            beta_vec.push(beta_gamma);
            m_b_w_vec.push(m_b_w);
            ni_vec.push(beta_wi);
        }
        m_b_gamma_vec_all.push(m_b_gamma_vec.clone());
        beta_vec_all.push(beta_vec.clone());
        m_b_w_vec_all.push(m_b_w_vec.clone());
        ni_vec_all.push(ni_vec.clone());
    }

    // Here we complete the MwA protocols by taking the mb matrices and starting with the first column generating the appropriate message
    // for example for index i=0 j=0 we need party at index s[1] to answer to mb that party s[0] sent, completing a protocol between s[0] and s[1].
    //  for index i=1 j=0 we need party at index s[0] to answer to mb that party s[1]. etc.
    // IRL each party i should get only the mb messages that other parties sent in response to the party i ma's.
    // TODO: simulate as IRL
    let mut alpha_vec_all = Vec::new();
    let mut miu_vec_all = Vec::new();

    for i in 0..ttag {
        let mut alpha_vec = Vec::new();
        let mut miu_vec = Vec::new();

        let m_b_gamma_vec_i = &m_b_gamma_vec_all[i];
        let m_b_w_vec_i = &m_b_w_vec_all[i];

        for j in 0..ttag - 1 {
            let ind = if j < i { j } else { j + 1 };
            let m_b = m_b_gamma_vec_i[j].clone();

            let alpha_ij_gamma = m_b
                .verify_proofs_get_alpha(
                    &party_keys_vec[usize::from(s[ind])].dk,
                    &sign_keys_vec[ind].k_i,
                )
                .expect("wrong dlog or m_b");
            let m_b = m_b_w_vec_i[j].clone();
            let alpha_ij_wi = m_b
                .verify_proofs_get_alpha(
                    &party_keys_vec[usize::from(s[ind])].dk,
                    &sign_keys_vec[ind].k_i,
                )
                .expect("wrong dlog or m_b");

            // since we actually run two MtAwc each party needs to make sure that the values B are the same as the public values
            // here for b=w_i the parties already know W_i = g^w_i  for each party so this check is done here. for b = gamma_i the check will be later when g^gamma_i will become public
            // currently we take the W_i from the other parties signing keys
            // TODO: use pk_vec (first change from x_i to w_i) for this check.
            assert_eq!(m_b.b_proof.pk, sign_keys_vec[i].g_w_i);

            alpha_vec.push(alpha_ij_gamma);
            miu_vec.push(alpha_ij_wi);
        }
        alpha_vec_all.push(alpha_vec.clone());
        miu_vec_all.push(miu_vec.clone());
    }

    let mut delta_vec = Vec::new();
    let mut sigma_vec = Vec::new();

    for i in 0..ttag {
        let alpha_vec: Vec<Scalar<Secp256k1>> = (0..alpha_vec_all[i].len())
            .map(|j| alpha_vec_all[i][j].0.clone())
            .collect();
        let miu_vec: Vec<Scalar<Secp256k1>> = (0..miu_vec_all[i].len())
            .map(|j| miu_vec_all[i][j].0.clone())
            .collect();

        let delta = sign_keys_vec[i].phase2_delta_i(&alpha_vec[..], &beta_vec_all[i]);
        let sigma = sign_keys_vec[i].phase2_sigma_i(&miu_vec[..], &ni_vec_all[i]);
        delta_vec.push(delta);
        sigma_vec.push(sigma);
    }
    
    writeln!(file, "phase2-mta protocol: delta_i={:?}, sigma_i={:?}", delta_vec[1], sigma_vec[1])?;
    
    // all parties broadcast delta_i and compute delta_i ^(-1)
    let delta_inv = SignKeys::phase3_reconstruct_delta(&delta_vec);

    writeln!(file, "phase3-reconstruct_delta: delta_inv={:?}", delta_inv)?;
    
    // de-commit to g^gamma_i from phase1, test comm correctness, and that it is the same value used in MtA.
    // Return R

    let _g_gamma_i_vec = (0..ttag)
        .map(|i| sign_keys_vec[i].g_gamma_i.clone())
        .collect::<Vec<Point<Secp256k1>>>();

    let R_vec = (0..ttag)
        .map(|_| {
            // each party i tests all B = g^b = g ^ gamma_i she received.
            let b_proof_vec = (0..ttag)
                .map(|j| {
                    let b_gamma_vec = &m_b_gamma_vec_all[j];
                    &b_gamma_vec[0].b_proof
                })
                .collect::<Vec<&DLogProof<Secp256k1, Sha256>>>();
            SignKeys::phase4(&delta_inv, &b_proof_vec, decommit_vec1.clone(), &bc1_vec)
                .expect("bad gamma_i decommit")
        })
        .collect::<Vec<Point<Secp256k1>>>();


    writeln!(file, "phase4-gamma_i decommit: R={:?}", R_vec[1])?;

    // 测试一下sigma的和是多少
    let test1 = &sigma_vec[0] +&sigma_vec[1];
    println!("test1local:{:?}",test1);

    let message: [u8; 1] = [50];
    let message_hash = Sha256::new()
        .chain_bigint(&BigInt::from_bytes(&message[..]))
        .result_bigint();
    let mut local_sig_vec = Vec::new();

    // each party computes s_i but don't send it yet. we start with phase5
    for i in 0..ttag {
        let local_sig = LocalSignature::phase5_local_sig(
            &sign_keys_vec[i].k_i,
            &message_hash,
            &R_vec[i],
            &sigma_vec[i],
            &y,
        );
        local_sig_vec.push(local_sig);
    }
    writeln!(file, "local_sig_vec:={:?}", local_sig_vec[0])?;
    writeln!(file, "local_sig_vec:={:?}", local_sig_vec[1])?;

    let mut phase5_com_vec: Vec<Phase5Com1> = Vec::new();
    let mut phase_5a_decom_vec: Vec<Phase5ADecom1> = Vec::new();
    let mut helgamal_proof_vec = Vec::new();
    let mut dlog_proof_rho_vec = Vec::new();
    // we notice that the proof for V= R^sg^l, B = A^l is a general form of homomorphic elgamal.
    for sig in &local_sig_vec {
        let (phase5_com, phase_5a_decom, helgamal_proof, dlog_proof_rho) =
            sig.phase5a_broadcast_5b_zkproof();
        phase5_com_vec.push(phase5_com);
        phase_5a_decom_vec.push(phase_5a_decom);
        helgamal_proof_vec.push(helgamal_proof);
        dlog_proof_rho_vec.push(dlog_proof_rho);
    }

    let mut phase5_com2_vec = Vec::new();
    let mut phase_5d_decom2_vec = Vec::new();
    for i in 0..ttag {
        let mut phase_5a_decom_vec_clone = phase_5a_decom_vec.clone();
        let mut phase_5a_com_vec_clone = phase5_com_vec.clone();
        let mut phase_5b_elgamal_vec_clone = helgamal_proof_vec.clone();

        let _decom_i = phase_5a_decom_vec_clone.remove(i);
        let _com_i = phase_5a_com_vec_clone.remove(i);
        let _elgamal_i = phase_5b_elgamal_vec_clone.remove(i);
        //        for j in 0..s_minus_i.len() {
        let (phase5_com2, phase_5d_decom2) = local_sig_vec[i]
            .phase5c(
                &phase_5a_decom_vec_clone,
                &phase_5a_com_vec_clone,
                &phase_5b_elgamal_vec_clone,
                &dlog_proof_rho_vec,
                &phase_5a_decom_vec[i].V_i,
                &R_vec[0],
            )
            .expect("error phase5");
        phase5_com2_vec.push(phase5_com2);
        phase_5d_decom2_vec.push(phase_5d_decom2);
        //        }
    }

    // assuming phase5 checks passes each party sends s_i and compute sum_i{s_i}
    let mut s_vec: Vec<Scalar<Secp256k1>> = Vec::new();
    for sig in &local_sig_vec {
        let s_i = sig
            .phase5d(&phase_5d_decom2_vec, &phase5_com2_vec, &phase_5a_decom_vec)
            .expect("bad com 5d");
        s_vec.push(s_i);
    }

    writeln!(file, "phase5-compute s_i: s_i={:?}", s_vec[1])?;
    // println!("s_0t:{:?}",&local_sig_vec[0].s_i);
    // println!("s_1t:{:?}",&local_sig_vec[1].s_i);
    // println!("s_0local:{:?}",&s_vec[0]);
    // println!("s_1local:{:?}",&s_vec[1]);
    
    // here we compute the signature only of party i=0 to demonstrate correctness.
    s_vec.remove(0);
    let sig = local_sig_vec[0]
        .output_signature(&s_vec)
        .expect("verification failed");

    assert_eq!(local_sig_vec[0].y, y);
    verify(&sig, &local_sig_vec[0].y, &local_sig_vec[0].m).unwrap();
    check_sig(&sig.r, &sig.s, &local_sig_vec[0].m, &y);

    writeln!(file, "sig: sig={:?}", sig)?;
    // let data = serde_json::json!({
    //     // "bc1": bc1_vec[0],
    //     // "decommit1": decommit_vec1[0],
    //     // "m_a": m_a_vec[0],
    //     "sig": sig,
    // });
    // to_writer(file.into_std().await, &data).context("Failed to write output.json")?;

    // println!("R:{:?}",local_sig.R);
    // println!("rlocal:{:?}",sig.r);
    // println!("s:{:?}",local_sig.s_i);
    // println!("R1:{:?}",local_sig_peer.R);
    // println!("r1:{:?}",local_sig_peer.r);
    // println!("s_0local:{:?}",s_vec[0]);
    // println!("s_1local:{:?}",s_vec[1]);
    // let testk = &sign_keys_vec[0].k_i + &sign_keys_vec[1].k_i;
    // let m_fe = Scalar::<Secp256k1>::from(&message_hash);
    // let testmul1 = testk * m_fe;
    // let testmul2 = &sig.r * test1;
    // let testadd = testmul1 + testmul2;
    // println!("functionlocal:{:?}",&testadd);

    // println!("s_sumlocal:{:?}",&sig.s);
    // let testadd2 = &sig.s +&testadd;
    // println!("add:{:?}",testadd2);

    // println!("s1:{:?}",local_sig_peer.s_i);
    
    Ok(())
}

pub fn check_sig(r: &Scalar<Secp256k1>, s: &Scalar<Secp256k1>, msg: &BigInt, pk: &Point<Secp256k1>) {
    use secp256k1::{Message, PublicKey, Signature, SECP256K1};

    let raw_msg = BigInt::to_bytes(msg);
    let mut msg: Vec<u8> = Vec::new(); // padding
    msg.extend(vec![0u8; 32 - raw_msg.len()]);
    msg.extend(raw_msg.iter());

    let msg = Message::from_slice(msg.as_slice()).unwrap();
    let slice = pk.to_bytes(false);
    let mut raw_pk = Vec::new();
    if slice.len() != 65 {
        // after curv's pk_to_key_slice return 65 bytes, this can be removed
        raw_pk.insert(0, 4u8);
        raw_pk.extend(vec![0u8; 64 - slice.len()]);
        raw_pk.extend(slice.as_ref());
    } else {
        raw_pk.extend(slice.as_ref());
    }

    assert_eq!(raw_pk.len(), 65);

    let pk = PublicKey::from_slice(&raw_pk).unwrap();
    // println!("pk: {:?}", pk);//打印

    let mut compact: Vec<u8> = Vec::new();
    let bytes_r = &r.to_bytes()[..];
    compact.extend(vec![0u8; 32 - bytes_r.len()]);
    compact.extend(bytes_r.iter());

    let bytes_s = &s.to_bytes()[..];
    compact.extend(vec![0u8; 32 - bytes_s.len()]);
    compact.extend(bytes_s.iter());

    let secp_sig = Signature::from_compact(compact.as_slice()).unwrap();

    // println!("secp_sig: {:?}", secp_sig);//打印

    let is_correct = SECP256K1.verify(&msg, &secp_sig, &pk).is_ok();
    assert!(is_correct);
}

async fn send_and_receive_tcp(ip: &str, port: &str, message: &str) -> Result<(), anyhow::Error> {
    // 格式化地址
    let address = format!("{}:{}", ip, port);

    // 连接到 TCP 服务器
    let mut stream = TcpStream::connect(&address)
        .with_context(|| format!("Failed to connect to {}", address))?;

    // 发送消息
    stream
        .write_all(message.as_bytes())
        .with_context(|| format!("Failed to send message to {}", address))?;

    println!("Sent message '{}' to {}", message, address);
    Ok(())
}

pub async fn fetch_json_via_tcp(
    ip: &str,
    port: &str,
    file_path: &str,
) -> Result<Value, Box<dyn Error>> {
    // 重试参数（固定值）
    const MAX_RETRIES: usize = 5; // 最大重试次数
    const INITIAL_DELAY: Duration = Duration::from_secs(1); // 初始等待时间

    let mut retries = 0;
    let mut delay = INITIAL_DELAY;

    loop {
        // 尝试连接服务器
        let address = format!("{}:{}", ip, port);
        match tokio::net::TcpStream::connect(&address).await {
            Ok(mut stream) => {
                println!("Connected to server at {}:{}", ip, port);

                // 发送请求（文件路径）
                let request = format!("GET {}\n", file_path); // 自定义协议：发送文件路径
                if let Err(e) = stream.write_all(request.as_bytes()).await {
                    eprintln!("Failed to send request: {}. Retrying in {:?}...", e, delay);
                    retries += 1;
                    if retries >= MAX_RETRIES {
                        return Err(format!("Max retries reached. Last error: {}", e).into());
                    }
                    sleep(delay).await;
                    delay = delay * 2; // 指数退避
                    continue;
                }
                println!("Sent request: {}", request.trim());

                // 接收响应
                let mut buffer = Vec::new();
                if let Err(e) = stream.read_to_end(&mut buffer).await {
                    eprintln!("Failed to read response: {}. Retrying in {:?}...", e, delay);
                    retries += 1;
                    if retries >= MAX_RETRIES {
                        return Err(format!("Max retries reached. Last error: {}", e).into());
                    }
                    sleep(delay).await;
                    delay = delay * 2; // 指数退避
                    continue;
                }

                // 解析 JSON 数据
                let json_text = String::from_utf8(buffer)?;
                println!("Received JSON data: {}", json_text);
                let json_data = serde_json::from_str(&json_text)?;
                return Ok(json_data);
            }
            Err(e) => {
                eprintln!("Failed to connect to server: {}. Retrying in {:?}...", e, delay);
                retries += 1;
                if retries >= MAX_RETRIES {
                    return Err(format!("Max retries reached. Last error: {}", e).into());
                }
                sleep(delay).await;
                delay = delay * 2; // 指数退避
            }
        }
    }
}




// 实现文件存在本地的签名版本
pub async fn test1(a:i32, b:i32, message: &str) -> Result<(Scalar<Secp256k1>, Scalar<Secp256k1>), Box<dyn std::error::Error>> {

    // 从 key_data 中读取 keys
    let lock = Arc::new(Mutex::new(()));
    let key_data = load_key_data()?;
    let mut party_key = key_data.party_keys_vec[a as usize].clone();
    let mut party_key_peer = key_data.party_keys_vec[b as usize].clone();
    let mut shared_key = key_data.shared_keys_vec[a as usize].clone();
    let mut pk = key_data.pk_vec[a as usize].clone();
    let mut y = key_data.y;
    let mut vss_scheme = key_data.vss_scheme;
    let mut private = key_data.private_vec[a as usize].clone();
    let mut sign_key = key_data.sign_keys_vec[a as usize].clone();
    let mut sign_key_peer = key_data.sign_keys_vec[b as usize].clone();

    //phase1 计算第一阶段的承诺和第二阶段中作为a的数据m_a
    let (mut bc1, mut decommit1) = sign_key.phase1_broadcast();
    let mut m_a = MessageA::a(&sign_key.k_i, &party_key.ek, &[]).0;


    // 加锁版本
    let local_path1 = format!("./shared/phase1_{}.json", a);
    let local_ready1 = format!("./shared/phase1_{}.ready", a);
    {
        let _guard = lock.lock().await; // 获取锁
        let file = OpenOptions::new()
            .write(true)
            .create(true)
            .open(&local_path1)
            .await
            .context("无法创建 phase1.json")?;
        let data = serde_json::json!({
            "bc1": bc1,
            "decommit1": decommit1,
            "m_a": m_a,
        });
        to_writer(file.into_std().await, &data).context("无法写入 phase1.json")?;
        fs::write(&local_ready1, "").context("无法写入 ready 文件")?;
    } // 锁自动释放

    // 读取对方写的文件
    let peer_path1 = format!("./shared/phase1_{}.json", b);
    let peer_ready_path1 = format!("./shared/phase1_{}.ready", b);
    let json_data: Value = loop {
        // 等待 ready 文件存在，说明写入完成
        if Path::new(&peer_ready_path1).exists() {
            let _guard = lock.lock().await; // 获取锁
            let content = fs::read_to_string(&peer_path1).context("读取对方 phase1.json 失败")?;
            if let Ok(json) = from_str(&content) {
                break json;
            }
        }
        println!("{}等待对方写入 phase1.json ...", a);
        sleep(Duration::from_millis(1500)).await;
    };

    // 清理对方的 ready 文件，为下一轮准备
    fs::remove_file(&peer_ready_path1).ok();

    // 读取对方发送的信息
    let bc1_val = json_data.get("bc1").context("bc1 缺失")?;
    let decommit1_val = json_data.get("decommit1").context("decommit1 缺失")?;
    let m_a_val = json_data.get("m_a").context("m_a 缺失")?;

    // 反序列化
    let bc1_peer :SignBroadcastPhase1 = from_value(bc1_val.clone()).context("反序列化 bc1 失败")?;
    let decommit1_peer :SignDecommitPhase1 = from_value(decommit1_val.clone()).context("反序列化 decommit1 失败")?;
    let m_a_peer:MessageA = from_value(m_a_val.clone()).context("反序列化 m_a 失败")?;


    let key = sign_key.clone();
    // 第二阶段继续进行 拿到对方的输入 相当于作为右侧的人进行计算 并将结果发送

    let (m_b_gamma, beta_ba_gamma, _, _) = MessageB::b(
        &key.gamma_i,
        &party_key_peer.ek,
        m_a_peer.clone(),
        &[],
    )
    .map_err(|e| anyhow::anyhow!("Failed to create MessageB: {:?}", e))?;
    let (m_b_w, beta_ba_w, _, _) = MessageB::b(
        &key.w_i,
        &party_key_peer.ek,
        m_a_peer.clone(),
        &[],
    )
    .map_err(|e| anyhow::anyhow!("Failed to create MessageB: {:?}", e))?;


    // 加锁版本
    let local_path2 = format!("./shared/phase2_{}.json", a);
    let local_ready2 = format!("./shared/phase2_{}.ready", a);
    {
        let _guard = lock.lock().await; // 获取锁
        let file = OpenOptions::new()
            .write(true)
            .create(true)
            .open(&local_path2)
            .await
            .context("无法创建 phase2.json")?;
        let data = serde_json::json!({
            "m_b_gamma": m_b_gamma,
            "m_b_w": m_b_w,
        });
        to_writer(file.into_std().await, &data).context("无法写入 phase2.json")?;
        fs::write(&local_ready2, "").context("无法写入 ready 文件")?;
    } // 锁自动释放

    // 读取对方写的文件
    let peer_path2 = format!("./shared/phase2_{}.json", b);
    let peer_ready_path2 = format!("./shared/phase2_{}.ready", b);
    let json_data: Value = loop {
        // 等待 ready 文件存在，说明写入完成
        if Path::new(&peer_ready_path2).exists() {
            let _guard = lock.lock().await; // 获取锁
            let content = fs::read_to_string(&peer_path2).context("读取对方 phase2.json 失败")?;
            if let Ok(json) = from_str(&content) {
                break json;
            }
        }
        println!("{}等待对方写入 phase2.json ...", a);
        sleep(Duration::from_millis(1500)).await;
    };

    // 清理对方的 ready 文件，为下一轮准备
    fs::remove_file(&peer_ready_path2).ok();


    let m_b_gamma_val = json_data.get("m_b_gamma").context("m_b_gamma not found")?;
    let m_b_w_val = json_data.get("m_b_w").context("m_b_w not found")?;
    let m_b_gamma_peer : MessageB = from_value(m_b_gamma_val.clone()).context("反序列化 m_b_gamma 失败")?;
    let m_b_w_peer : MessageB = from_value(m_b_w_val.clone()).context("反序列化 m_b_w 失败")?;

    // 得到对方的值 相当于作为左面的人 与对面进行了交互 继续拿到值计算作为左面人的结果
    let (alpha_ab_gamma, _) =  m_b_gamma_peer
        .verify_proofs_get_alpha(
            &party_key.dk,
            &sign_key.k_i,
        )
        .map_err(|e| anyhow::anyhow!("Failed to create MessageB: {:?}", e))?;

    let (alpha_ab_w,_) = m_b_w_peer
        .verify_proofs_get_alpha(
            &party_key.dk,
            &sign_key.k_i,
        )
        .map_err(|e| anyhow::anyhow!("Failed to create MessageB: {:?}", e))?;


    // 复原delta_i sigma_i 把他们求和加起来

    let mut delta_i = Scalar::<Secp256k1>::random();
    let mut sigma_i = Scalar::<Secp256k1>::random();

    let ki_gamma_i = &key.k_i * &key.gamma_i;
    let ki_w_i = &sign_key.k_i * &sign_key.w_i;

    delta_i = ki_gamma_i + alpha_ab_gamma + beta_ba_gamma ;
    sigma_i = ki_w_i + &alpha_ab_w + &beta_ba_w ;



    // 加锁版本
    let local_path3 = format!("./shared/phase3_{}.json", a);
    let local_ready3 = format!("./shared/phase3_{}.ready", a);
    {
        let _guard = lock.lock().await; // 获取锁
        let file = OpenOptions::new()
            .write(true)
            .create(true)
            .open(&local_path3)
            .await
            .context("无法创建 phase3.json")?;
        let data = serde_json::json!({
            "delta_i": delta_i,
            "sigma_i": sigma_i,
        });
        to_writer(file.into_std().await, &data).context("无法写入 phase3.json")?;
        fs::write(&local_ready3, "").context("无法写入 ready 文件")?;
    } // 锁自动释放


    // 读取对方写的文件
    let peer_path3 = format!("./shared/phase3_{}.json", b);
    let peer_ready_path3 = format!("./shared/phase3_{}.ready", b);
    let json_data: Value = loop {
        // 等待 ready 文件存在，说明写入完成
        if Path::new(&peer_ready_path3).exists() {
            let _guard = lock.lock().await; // 获取锁
            let content = fs::read_to_string(&peer_path3).context("读取对方 phase3.json 失败")?;
            if let Ok(json) = from_str(&content) {
                break json;
            }
        }
        println!("{}等待对方写入 phase3.json ...", a);
        sleep(Duration::from_millis(1500)).await;
    };

    // 清理对方的 ready 文件，为下一轮准备
    fs::remove_file(&peer_ready_path3).ok();



    let delta_val = json_data.get("delta_i").context("delta_i not found")?;
    let sigma_val = json_data.get("sigma_i").context("sigma_i not found")?;

    let delta_peer : Scalar<Secp256k1>= from_value(delta_val.clone()).context("反序列化 delta 失败")?;
    let sigma_peer : Scalar<Secp256k1>= from_value(sigma_val.clone()).context("反序列化 sigma 失败")?;




    // phase3 求delta的逆 
    let mut delta_vec: Vec<Scalar<Secp256k1>> = Vec::new();
    delta_vec.push(delta_i.clone());       
    delta_vec.push(delta_peer.clone()); 
    let delta_inv = SignKeys::phase3_reconstruct_delta(&delta_vec);

    // phase4 发送 g_gamma_i
    let mut g_gamma_i = sign_key.g_gamma_i.clone();


    // 加锁版本
    let local_path4 = format!("./shared/phase4_{}.json", a);
    let local_ready4 = format!("./shared/phase4_{}.ready", a);
    {
        let _guard = lock.lock().await; // 获取锁
        let file = OpenOptions::new()
            .write(true)
            .create(true)
            .open(&local_path4)
            .await
            .context("无法创建 phase4.json")?;
        let data = serde_json::json!({
            "g_gamma_i": g_gamma_i
        });
        to_writer(file.into_std().await, &data).context("无法写入 phase4.json")?;
        fs::write(&local_ready4, "").context("无法写入 ready 文件")?;
    } // 锁自动释放

    // 读取对方写的文件
    let peer_path4 = format!("./shared/phase4_{}.json", b);
    let peer_ready_path4 = format!("./shared/phase4_{}.ready", b);
    let json_data: Value = loop {
        // 等待 ready 文件存在，说明写入完成
        if Path::new(&peer_ready_path4).exists() {
            let _guard = lock.lock().await; // 获取锁
            let content = fs::read_to_string(&peer_path4).context("读取对方 phase4.json 失败")?;
            if let Ok(json) = from_str(&content) {
                break json;
            }
        }
        println!("{}等待对方写入 phase4.json ...", a);
        sleep(Duration::from_millis(1500)).await;
    };

    // 清理对方的 ready 文件，为下一轮准备
    fs::remove_file(&peer_ready_path4).ok();

    // 提取数据
    let g_gamma_i_val = json_data.get("g_gamma_i").context("g_gamma_i not found")?;
    // let decommit1_val = json_data.get("decommit1").context("decommit1 缺失")?;
    let g_gamma_i_peer : Point<Secp256k1> = from_value(g_gamma_i_val.clone()).context("反序列化 g_gamma_i 失败")?;
    // let decommit1_peer :SignDecommitPhase1 = from_value(decommit1_val.clone()).context("反序列化 decommit1 失败")?;

    let b_proof_peer = &m_b_gamma_peer.b_proof;

    // phase4 作为右面的人验证收到的一些消息并计算R
    let R = SignKeys::phase42(
        &delta_inv,
        &b_proof_peer,
        &decommit1_peer,
        &bc1_peer,
        &g_gamma_i,
        &g_gamma_i_peer,
    ).map_err(|e| anyhow::anyhow!(e))?;

    let mut hasher = Sha256::new();
    hasher.update(message.as_bytes());
    let hash_result = hasher.finalize(); // 32字节的sha256哈希值
    let message_hash = BigInt::from_bytes(&hash_result);

    // Phase5 计算签名并发送 
    let local_sig: LocalSignature = LocalSignature::phase5_local_sig(
        &sign_key.k_i,
        &message_hash,
        &R,
        &sigma_i,
        &y,
    );

    let local_path5 = format!("./shared/phase5_{}.json", a);
    let local_ready5 = format!("./shared/phase5_{}.ready", a);
    {
        let _guard = lock.lock().await; // 获取锁
        let file = OpenOptions::new()
            .write(true)
            .create(true)
            .open(&local_path5)
            .await
            .context("无法创建 phase5.json")?;
        let data = serde_json::json!({
            "local_sig": local_sig
        });
        to_writer(file.into_std().await, &data).context("无法写入 phase5.json")?;
        fs::write(&local_ready5, "").context("无法写入 ready 文件")?;
    } // 锁自动释放

    // 读取对方写的文件
    let peer_path5 = format!("./shared/phase5_{}.json", b);
    let peer_ready_path5 = format!("./shared/phase5_{}.ready", b);
    let json_data: Value = loop {
        // 等待 ready 文件存在，说明写入完成
        if Path::new(&peer_ready_path5).exists() {
            let _guard = lock.lock().await; // 获取锁
            let content = fs::read_to_string(&peer_path5).context("读取对方 phase5.json 失败")?;
            if let Ok(json) = from_str(&content) {
                break json;
            }
        }
        println!("{}等待对方写入 phase5.json ...", a);
        sleep(Duration::from_millis(1500)).await;
    };

    // 清理对方的 ready 文件，为下一轮准备
    fs::remove_file(&peer_ready_path5).ok();


    let local_sig_val = json_data.get("local_sig").context("local_sig not found")?;
    let local_sig_peer : LocalSignature = from_value(local_sig_val.clone()).context("反序列化 local_sig 失败")?;

    // phase5 收到对面sig后加起来并返回
    let mut s: Scalar<Secp256k1> = local_sig.s_i+local_sig_peer.s_i;

    // 取逆后取更小的作为最后的签名
    let s_bn = s.to_bigint();
    let s_tag_bn = Scalar::<Secp256k1>::group_order() - &s_bn;
    if s_bn > s_tag_bn {
        s = Scalar::<Secp256k1>::from(&s_tag_bn);
    }
    // println!("s:{:?}",&s);
    check_sig(&local_sig.r, &s, &message_hash, &y);
    Ok((local_sig.r, s))



}


// #[test]
// fn test_serialize_deserialize() {
//     use serde_json;

//     let k = Keys::create(0);
//     let (commit, decommit) = k.phase1_broadcast_phase3_proof_of_correct_key();

//     let encoded = serde_json::to_string(&commit).unwrap();
//     let decoded: KeyGenBroadcastMessage1 = serde_json::from_str(&encoded).unwrap();
//     assert_eq!(commit.com, decoded.com);

//     let encoded = serde_json::to_string(&decommit).unwrap();
//     let decoded: KeyGenDecommitMessage1 = serde_json::from_str(&encoded).unwrap();
//     assert_eq!(decommit.y_i, decoded.y_i);
// }

